2 /************************************************************************
3 * Mailer v0.2.1-FINAL Start: 10/08/2005 *
4 * =================== Last change: 01/01/2006 *
6 * -------------------------------------------------------------------- *
7 * File : gen_sql_patches.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Patch password system after upgrading *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Patcht das Passwort-System nach DB-Update *
12 * -------------------------------------------------------------------- *
13 * Copyright (c) 2003 - 2009 by Roland Haeder *
14 * Copyright (c) 2009 - 2013 by Mailer Developer Team *
15 * For more information visit: http://mxchange.org *
17 * This program is free software; you can redistribute it and/or modify *
18 * it under the terms of the GNU General Public License as published by *
19 * the Free Software Foundation; either version 2 of the License, or *
20 * (at your option) any later version. *
22 * This program is distributed in the hope that it will be useful, *
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
25 * GNU General Public License for more details. *
27 * You should have received a copy of the GNU General Public License *
28 * along with this program; if not, write to the Free Software *
29 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
31 ************************************************************************/
33 // Some security stuff...
34 if (!defined('__SECURITY')) {
38 // Check if there is no scrambling string
39 if (getPassScramble() == '') {
40 // Generate 40 chars long scramble string
41 $scrambleString = genScrambleString(40);
43 // ... and store it there for future usage
44 updateConfiguration('pass_scramble', $scrambleString);
46 // Remove dummy string
47 unset($scrambleString);
50 // Check if there is no master salt string
51 if (getMasterSalt() == '') {
52 // Generate the master salt which is the first chars minus 40 chars of this random hash
53 // We do an extra scrambling here...
54 $masterSalt = scrambleString(sha1(generatePassword(mt_rand(128, 256))));
56 // ... and store it there for future usage
57 updateConfiguration('master_salt', $masterSalt);
59 // Remove dummy string
63 if ((getFileHash() == '') || (!isFileReadable(getGenericHashFileName()))) {
64 // Create filename from hashed random string
65 $fileHash = sha1(generatePassword(mt_rand(128, 256)));
66 $FQFN = sprintf('%s%s.%s%s',
73 // Generate secret key from a randomized string
74 $secretKey = sha1(generateHash(mt_rand(128, 256)));
76 // File hash was never created
77 writeToFile($FQFN, $secretKey);
80 if (isFileReadable($FQFN)) {
81 // Also update configuration
82 setConfigEntry('secret_key', $secretKey);
85 updateConfiguration('file_hash', $fileHash, '', '0', TRUE);
93 // @TODO Rewrite this to a filter
94 if ((isExtensionInstalledAndNewer('cache', '0.1.2')) && (isValidCacheInstance())) {
95 // Destroy some cache files
96 foreach (array('config', 'extension', 'filter', 'modules') as $cache) {